How ready are we for a cyber attack?

BambiFrancisco

SAN FRANCISCO (CBS.MW) -- As Congress starts debating the Homeland Security bill Thursday, an industry coalition is encouraging corporate America to secure networks even more than they are now.

Sixty percent of the 600 IT professionals surveyed believe U.S. businesses are at risk for a major cyber attack in the next 12 months, according to the Business Software Alliance, a business organization promoting a safe and legal online environment. The group consists of security firms, such as Network Associates
NET, +0.21%
and Symantec
SYMC, -0.54%
to broad tech companies, such as Microsoft
MSFT, -0.71%
IBM
IBM, +0.11%
Hewlett-Packard
HPQ, -0.23%
and Dell
DELL

The frustration is that no one really knows what a cyber attack will look like. It could range from viruses that attack e-mails to hacking into major transportation or financial systems.

Forty-five of the IT managers surveyed feel they need to do more. "U.S. businesses aren't prepared for cyber attacks," said Robert Holleyman, president and CEO of the Business Software Alliance. "The gap that IT professionals identified between the readiness and the risk is exemplified in this survey. U.S. adults are not believing that businesses are at risk to a cyber attack."

The good news is that nearly 60 percent of IT professionals do believe that they're better prepared for a cyber attack since Sept. 11. Additionally, Holleyman said that it appears the tools are currently available to secure the networks.

The survey did not ask the professionals how much they spent on securing their networks or what they felt they needed to spend to secure their networks. It depends on how much security a company has already integrated into its systems. For instance, 92 percent surveyed said they had anti-virus software, 86 percent said every network used a firewall while less than half had a person designated to coordinate reports to law agencies.

To be sure, there is no fail-safe method to keep the nation's networks impenetrable. But at the very least, businesses should have a security checklist.

"It can be as simple as changing passwords every 90 days to using end-to-end encryption to making sure that there is back-up software offsite," said Holleyman. Check out BSA's checklist.

The BSA is also encouraging the federal government to set standards. "There is widespread recognition that federal government has not done enough to secure its systems," he said. "We also want a division of cyber security within that department that helps coordinate major cyber attacks and can receive information from business." The BSA is not looking to lobby for federal funds to help the private sector secure its networks.

But one burgeoning organization, the Homeland Security Consortium, which is currently being formed by Martin Ross, an investor in public and private companies, is trying to ensure that government funds for Homeland Security are accessible to the private sector and universities. To this end, there needs to be greater communication among the three groups to better understand the security needs of government. See previous Net Sense: Homeland security is Net security.

Other organizations are also contributing in some way to ensure corporate America is prepared for cyber attacks. Gartner Inc. and the United States Naval War College began a three-day war-gaming exercise on Wednesday. The simulated event is designed to assess readiness within the United States for cyber-attacks against energy grids, telecommunications, financial institutions and the Internet itself.

Of note...

Overture
OVER, +0.47%
shares fell in after-hours trading action on news the company plans on investing more to expand its search business, particularly overseas. This strategy was announced the same time Overture announced better-than-expected results for its second quarter after the close Thursday.

Shares of Overture fell to $20.02 in after-hours trading action after rising in regular trading.

Intraday Data provided by SIX Financial Information and subject to terms of use. Historical and current end-of-day data provided by SIX Financial Information. All quotes are in local exchange time. Real-time last sale data for U.S. stock quotes reflect trades reported through Nasdaq only. Intraday data delayed at least 15 minutes or per exchange requirements.